FreeBSD Bugzilla – Attachment 90365 Details for
Bug 127532
[patch] install(1): install -S Not Safe in Jail with security.jail.chflags_allowed: 0
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
xinstall-unsafe--S.diff
xinstall-unsafe--S.diff (text/x-diff; charset=us-ascii), 4.75 KB, created by
Jaakko Heinonen
on 2008-09-29 15:39:53 UTC
(
hide
)
Description:
xinstall-unsafe--S.diff
Filename:
MIME Type:
Creator:
Jaakko Heinonen
Created:
2008-09-29 15:39:53 UTC
Size:
4.75 KB
patch
obsolete
>Index: usr.bin/xinstall/xinstall.c >=================================================================== >--- usr.bin/xinstall/xinstall.c (revision 183263) >+++ usr.bin/xinstall/xinstall.c (working copy) >@@ -93,6 +93,7 @@ int create_tempfile(const char *, char * > void install(const char *, const char *, u_long, u_int); > void install_dir(char *); > u_long numeric_id(const char *, const char *); >+void set_attributes(int, const char *); > void strip(const char *); > int trymmap(int); > void usage(void); >@@ -353,6 +354,9 @@ install(const char *from_name, const cha > tempcopy ? tempfile : to_name, from_sb.st_size); > } > >+ if (!devnull) >+ (void)close(from_fd); >+ > if (dostrip) { > strip(tempcopy ? tempfile : to_name); > >@@ -369,9 +373,8 @@ install(const char *from_name, const cha > /* > * Compare the stripped temp file with the target. > */ >+ temp_fd = to_fd; > if (docompare && dostrip && target) { >- temp_fd = to_fd; >- > /* Re-open to_fd using the real target name. */ > if ((to_fd = open(to_name, O_RDONLY, 0)) < 0) > err(EX_OSERR, "%s", to_name); >@@ -400,7 +403,6 @@ install(const char *from_name, const cha > files_match = 1; > (void)unlink(tempfile); > } >- (void) close(temp_fd); > } > } > >@@ -409,6 +411,12 @@ install(const char *from_name, const cha > * and the files are different (or just not compared). > */ > if (tempcopy && !files_match) { >+ /* >+ * Set attributes before rename so we can safely abort >+ * on failure and leave the target untouched. >+ */ >+ set_attributes(temp_fd, tempfile); >+ > /* Try to turn off the immutable bits. */ > if (to_sb.st_flags & NOCHANGEBITS) > (void)chflags(to_name, to_sb.st_flags & ~NOCHANGEBITS); >@@ -443,7 +451,11 @@ install(const char *from_name, const cha > (void) close(to_fd); > if ((to_fd = open(to_name, O_RDONLY, 0)) < 0) > err(EX_OSERR, "%s", to_name); >- } >+ } else >+ set_attributes(to_fd, to_name); >+ >+ if (docompare && dostrip && target) >+ (void)close(temp_fd); > > /* > * Preserve the timestamp of the source file if necessary. >@@ -456,42 +468,6 @@ install(const char *from_name, const cha > (void)utimes(to_name, tvb); > } > >- if (fstat(to_fd, &to_sb) == -1) { >- serrno = errno; >- (void)unlink(to_name); >- errno = serrno; >- err(EX_OSERR, "%s", to_name); >- } >- >- /* >- * Set owner, group, mode for target; do the chown first, >- * chown may lose the setuid bits. >- */ >- if ((gid != (gid_t)-1 && gid != to_sb.st_gid) || >- (uid != (uid_t)-1 && uid != to_sb.st_uid) || >- (mode != (to_sb.st_mode & ALLPERMS))) { >- /* Try to turn off the immutable bits. */ >- if (to_sb.st_flags & NOCHANGEBITS) >- (void)fchflags(to_fd, to_sb.st_flags & ~NOCHANGEBITS); >- } >- >- if ((gid != (gid_t)-1 && gid != to_sb.st_gid) || >- (uid != (uid_t)-1 && uid != to_sb.st_uid)) >- if (fchown(to_fd, uid, gid) == -1) { >- serrno = errno; >- (void)unlink(to_name); >- errno = serrno; >- err(EX_OSERR,"%s: chown/chgrp", to_name); >- } >- >- if (mode != (to_sb.st_mode & ALLPERMS)) >- if (fchmod(to_fd, mode)) { >- serrno = errno; >- (void)unlink(to_name); >- errno = serrno; >- err(EX_OSERR, "%s: chmod", to_name); >- } >- > /* > * If provided a set of flags, set them, otherwise, preserve the > * flags, except for the dump flag. >@@ -508,7 +484,7 @@ install(const char *from_name, const cha > warn("%s: chflags", to_name); > else { > serrno = errno; >- (void)unlink(to_name); >+ (void)close(to_fd); > errno = serrno; > err(EX_OSERR, "%s: chflags", to_name); > } >@@ -516,8 +492,6 @@ install(const char *from_name, const cha > } > > (void)close(to_fd); >- if (!devnull) >- (void)close(from_fd); > } > > /* >@@ -701,6 +675,54 @@ copy(int from_fd, const char *from_name, > } > > /* >+ * set_attributes -- >+ * set file mode, uid and gid >+ */ >+void >+set_attributes(int fd, const char *filename) >+{ >+ struct stat sb; >+ int serrno; >+ >+ if (fstat(fd, &sb) == -1) { >+ serrno = errno; >+ (void)unlink(filename); >+ errno = serrno; >+ err(EX_OSERR, "%s", filename); >+ } >+ >+ /* >+ * Set owner, group, mode for target; do the chown first, >+ * chown may lose the setuid bits. >+ */ >+ if ((gid != (gid_t)-1 && gid != sb.st_gid) || >+ (uid != (uid_t)-1 && uid != sb.st_uid) || >+ (mode != (sb.st_mode & ALLPERMS))) { >+ /* Try to turn off the immutable bits. */ >+ if (sb.st_flags & NOCHANGEBITS) >+ (void)fchflags(fd, sb.st_flags & ~NOCHANGEBITS); >+ } >+ >+ if ((gid != (gid_t)-1 && gid != sb.st_gid) || >+ (uid != (uid_t)-1 && uid != sb.st_uid)) >+ if (fchown(fd, uid, gid) == -1) { >+ serrno = errno; >+ (void)unlink(filename); >+ errno = serrno; >+ err(EX_OSERR,"%s: chown/chgrp", filename); >+ } >+ >+ >+ if (mode != (sb.st_mode & ALLPERMS)) >+ if (fchmod(fd, mode)) { >+ serrno = errno; >+ (void)unlink(filename); >+ errno = serrno; >+ err(EX_OSERR, "%s: chmod", filename); >+ } >+} >+ >+/* > * strip -- > * use strip(1) to strip the target file > */
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 127532
: 90365 |
90366